We all thought it was a joke, but it wasn’t. The Onion really got hacked on Monday, and it was indeed a victim of the Syrian Electronic Army (SEA), the pro-Assad group of “hacktivists” who have been hacking media companies left and right.
In an unusually serious blog post, the satirical website’s tech team recounts step by step how it got hacked.
Everything began in much the same way the vast majority of these hacks start: with a phishing email, an attempt to get an employee to click on a malicious link. In this case, the link appeared to lead to a Washington Post story, but it actually redirected to another web address, which directed to yet another fake site that asked for Google Apps credentials.
Even though “these emails were sent from strange, outside addresses, and they were sent to few enough employees to appear as just random noise rather than a targeted attack,” reads the post, “At least one Onion employee fell for this phase of the phishing attack.”
And that’s all you need when you’re hoping to hack your way into a network. Once it had access to one account, the SEA sent another round of phishing emails, this time from the compromised account, which made them look more legit, and convinced more employees to click on them. And that’s how the hackers finally got access to The Onion’s Twitter account.
It took the IT team a while to spot the intrusion, and once they did they asked all Onion employees to change their passwords. Once they did, in classic Onion fashion, they made fun of it all, posting a story darkly titled: “Syrian Electronic Army Has A Little Fun Before Inevitable Upcoming Death At Hands of Rebels.”
Oh, and they also made fun of themselves:
Onion Twitter Password Changed To OnionMan77 | ‘That Ought To Do It,’ Company Sources Confirm onion.com/10CAZYc
— The Onion (@TheOnion) May 6, 2013
To find out exactly how The Onion got hacked, and what to do to avoid getting hacked the same way, watch the video above.